GHSA-prrf-397v-83xh
GitHub Security Advisory
Open redirect in ASP.NET Core
✓ GitHub Reviewed
MODERATE
Has CVE
Advisory Details
A spoofing vulnerability exists in ASP.NET Core that could lead to an open redirect, aka 'ASP.NET Core Spoofing Vulnerability'.
Affected Packages
NuGet
Microsoft.AspNetCore.App
Affected versions:
2.2.0
(fixed in 2.2.6)
NuGet
Microsoft.AspNetCore.App
Affected versions:
2.1.0
(fixed in 2.1.12)
NuGet
Microsoft.AspNetCore.All
Affected versions:
2.2.0
(fixed in 2.2.6)
NuGet
Microsoft.AspNetCore.All
Affected versions:
2.1.0
(fixed in 2.1.12)
NuGet
Microsoft.AspNetCore.Server.IIS
Affected versions:
2.2.0
(fixed in 2.2.6)
NuGet
Microsoft.AspNetCore.Server.HttpSys
Affected versions:
2.2.0
(fixed in 2.2.6)
NuGet
Microsoft.AspNetCore.Server.HttpSys
Affected versions:
2.1.0
(fixed in 2.1.12)
Related CVEs
Key Information
5.0
/10
Dataset
Last updated: June 12, 2025 6:24 AM
Data from GitHub Advisory Database. This information is provided for research and educational purposes.